Infrastructure and network security evolves toward unified threat management

  • Sicco Boomsma, Director at ING Bank’s Structured Finance TMT team

  • 01.08.2017 08:15 am

From anti-virus software to firewalls, IT infrastructure and network security solutions predate the internet. Previously stand-alone applications with limited capabilities, network security systems have evolved into multi-functional unified platforms leveraging deeper ties between network, endpoint and analytics technologies to improve visibility, predictability and protection across the entire IT infrastructure ecosystem.

Unified Threat Management (UTM) solutions combine well-established technologies such as anti-virus applications and firewalls with newer techniques such as intrusion detection, identity management and content filtering within a single solution that can perform numerous security functions simultaneously. UTMs can, therefore, provide layered protection to all sizes and types of organisations, from small businesses to large multinational corporations.

“The underlying principle is to integrate components of IT security that have largely operated as separate disciplines such that they can actively and continuously share and correlate information to detect malicious activity that otherwise might have gone undetected,” says security software specialist Sophos Group.

While UTM systems have traditionally been deployed in-house, often with significant upfront costs and ongoing maintenance requirements, in recent years a new range of solutions has emerged from third-party providers harnessing cloud technology to provide UTM as software-as-a-service (SaaS).

These SaaS UTM platforms lower total cost of ownership by eliminating data centre, hardware, setup fee and maintenance outlays, shifting cyber-security expenditure to a subscription model, while enabling organisations to scale their security more easily as requirements change.

Indeed, as networks grow, applying the right security policies at the right network control points is challenging, with multiple stand-alone native-point solutions proving difficult to maintain. Firewalls, for example, often have thousands of rules accumulated over years of deployment and changing access control lists. “These rules are often obsolete, conflicting or redundant, impacting a network’s performance and availability,” says IT research and consultancy group Gartner.

In addition, as organisations increasingly shift data and applications to the cloud, network processes are continuously being launched, modified, moved or cancelled using automated release pipelines and application programming interfaces, resulting in rapidly changing attack surfaces. With highly scalable applications and high data velocities, traditional security tools and manual workflows cannot keep up, leaving enterprise assets susceptible to attack.

This trend is fuelling demand for matching cloud-based solutions that not only provide comprehensive security but are highly adaptable and scalable, often using machine-learning and artificial intelligence to update access protocols, secure networks and data, and detect threats automatically.

Such adaptive unified threat management platforms are designed to enable precise security decisions based on the context in which applications and users operate, rather than relying on more traditional rigid blocking methods. The systems act on information captured through continuous monitoring of network traffic, application activity, endpoint states, user behaviour and other relevant data sets to obtain as much context as possible, while maintaining records of user and network activity. This can, in turn, help organisations comply with regulatory requirements regarding access controls and auditing.

Demand for unified threat management systems, especially those based in the cloud and offered as SaaS, is a key driver of growth in the infrastructure and network security market. Gartner forecasts that the sector will grow at a compound annual rate of 8.4% to reach €10.4bn by 2019.
